WordPress - Is It Time To Update
WordPress: It Is Extremely Important To Keep Your Site Updated
I would estimate that more than 95% of the websites on our servers have WordPress as their CMS (Content Management System). Why not, it is extremely flexible and there are thousands of themes and plugins. A theme is what makes the website look the way it does, and a plugin adds features and functionality to your website. Let’s say you want to sell your homemade candy. Then you would need to use an e-commerce plugin like WooCommerce. WooCommerce has all the shopping cart functionality built-in already, and if there is a particular feature that you want, but isn’t built-in, you can just find the plugin that does what you want and add that to your new website.
The problem we see too often is that many businesses will try to spend little to no money on their website and once it is online, they forget about it. It seems difficult for some business owners to understand that a website is a 24 x 7 x 365 color and interactive phone book listing. It is also a 24 x 7 x 365 television commercial. And it even acts like a 24 x 7 x 365 radio spot. It is all those things and so much more.
We have seen clients who are willing to spend several thousand dollars on a 4″x6″ phone book listing (who reads the phone book?). Yet they will try to spend a couple of hundred dollars on their website, or better yet, they have a friend of the family, who knows this girl who can design a website, as she loves to write stories. And to make matters worse, once their website is online, they completely forget that the website exists, they don’t update any of the software or any of the plugins and they never update any of the content on the website. Well, forget is a harsh word, let’s say that they ignore their website until it is too late.
We had once been hired by local companies who had been hacked and when we got into their website and started cleaning things up, we found that their WordPress core was more than two years behind on updates, and almost every plug-in was more than three years behind on updates. And this isn’t even that rare or shocking, I can think of a good half-dozen or more websites that are like this.
It is not only important that you change the content periodically and use your website as a tool and not an expense. But it is also important to keep your plugins and themes up-to-date. We recommend that you make changes at least once a month, twice is better.
Last year, a flaw in the Houzez (Real Estate) theme, has put 35,000 websites in jeopardy of being hacked. In January a flaw in the LearnPress plugin put 75,000 websites in jeopardy of being hacked. Earlier in January 2023, a flaw in three different plugins put tens of thousands of active installations vulnerable to high-severity or critical SQL injection vulnerabilities, with proof-of-concept exploits now publicly available.
This is just a sample of the more recent vulnerabilities for WordPress and believe it or not, WordPress is one of the more secure CMSs available, and many of the flaws and vulnerabilities are found by white-hat hackers (the good guys) because the source code is open for anyone to review. Regardless of what you use for your CMS, you should ensure that you are keeping it up-to-date. We offer maintenance packages, for that very reason. And if your site is hacked, you may have to pay to have it restored and if other sites or the server is damaged due to your site being hacked and being the gateway into the rest of the server, then you may have to pay for repairs there as well. It is far more cost-effective to get a maintenance package.